use not hardcoded OIDC secret in jellyfin
This commit is contained in:
parent
77e21eaceb
commit
533d95851b
1 changed files with 7 additions and 1 deletions
|
@ -372,12 +372,18 @@ in
|
|||
{
|
||||
id = cfg.oidcClientID;
|
||||
description = "Jellyfin";
|
||||
secretFile = config.sops.secrets."jellyfin/sso_secret".path;
|
||||
secretFile = config.sops.secrets."authelia/jellyfin_sso_secret".path;
|
||||
public = "false";
|
||||
authorization_policy = "one_factor";
|
||||
redirect_uris = [ "https://${cfg.subdomain}.${cfg.domain}/sso/OID/r/${cfg.oidcProvider}" ];
|
||||
}
|
||||
];
|
||||
sops.secrets."authelia/jellyfin_sso_secret" = {
|
||||
inherit (cfg) sopsFile;
|
||||
key = "jellyfin/sso_secret";
|
||||
mode = "0400";
|
||||
owner = config.shb.authelia.autheliaUser;
|
||||
};
|
||||
|
||||
# For backup
|
||||
|
||||
|
|
Loading…
Reference in a new issue